Arne Padmos: Why is GPG "damn near unusable"?

Edit subtitles

0:11 - 0:18

Applause
0:18 - 0:20

So, good morning everyone
0:20 - 0:24

my name is Arne and today
0:24 - 0:26

I'll be hoping to entertain you
0:26 - 0:32

a bit with some GPG usability issues.
0:32 - 0:34

thanks for being here this early in the morning.
0:34 - 0:37

I know, some of you have had a short night
0:37 - 0:43

In short for the impatient ones:
0:43 - 0:47

Why is GnuPG damn near unusable?
0:47 - 0:52

Well, actually, I don’t know
0:52 - 0:53

Laughter
0:53 - 0:58

So more research is needed … as always.
0:58 - 1:00

Because it's not like using a thermometer.
1:00 - 1:04

We're doing something between social science and security
1:04 - 1:11

But I will present some interesting perspectives
1:12 - 1:17

or at least what I hope you'll find interesting perspectives.
1:17 - 1:20

This talk is about some possible explanations
1:20 - 1:25

that usable security research can offer to the question
1:25 - 1:27

Now some context, something about myself,
1:27 - 1:34

so you have a bit of an idea where I'm coming from
1:34 - 1:39

and what coloured glassed I have on.
1:39 - 1:44

So pretty much my background is in Mathematics,
1:44 - 1:48

Computer science, and—strangely enough—International relations
1:48 - 1:52

My professional background is that I've been doing
1:52 - 1:57

embedded system security evaluations and training
1:57 - 2:03

and I've also been a PhD student, studying the usability of security.
2:03 - 2:08

Currently, I teach the new generation,
2:08 - 2:15

hoping to bring some new blood into the security world.
2:15 - 2:18

I want to do some expectation setting
2:18 - 2:21

I want to say, what this talk is not about.
2:21 - 2:24

I will also give some helpful pointers for
2:24 - 2:30

those of you that are interested in these other areas.
2:30 - 2:34

I will not go into too much detail about the issue of truth
2:34 - 2:38

in security science.
2:38 - 2:40

Here are some links to some interesting papers that cover this
2:40 - 2:43

in a lot of detail.
2:43 - 2:46

Neither will I be giving a security primer.
2:46 - 2:50

There are some nice links to books on the slide.
2:50 - 2:55

I'll also not be giving a cryptography primer or a history lesson.
2:55 - 2:58

Neither will I be giving an introduction to PGP
2:58 - 3:03

And, interestingly enough, even though the talk is titled
3:03 - 3:07

“why is GPG damn near unusable”, I will
3:07 - 3:10

not really be doing much PGP bashing
3:10 - 3:15

I think it's quite, actually, a wonderful effort and other people
3:15 - 3:21

have pretty much done the PGP/GnuPG bashing for me.
3:21 - 3:26

And, as I've already mentioned, I will not be giving any definite answers
3:26 - 3:29

and a lot of “it depends.”
3:29 - 3:34

But then you might ask “well, it depends. What does it depend on?”
3:34 - 3:37

Well, for one: What users you’re looking at
3:37 - 3:40

which goals they have in mind and
3:40 - 3:44

in what context, what environment they’re doing these things.
3:44 - 3:48

So, instead I want to kindle your inspiration
3:48 - 3:54

I want to offer you a new view on the security environment
3:54 - 4:00

and I'll also give you some concrete exercises that you can try out
4:00 - 4:02

at home or at the office.
4:02 - 4:08

Some “do’s” and “don’t’s” and pointers for further exploration:
4:08 - 4:10

This is a short overview of the talk
4:10 - 4:16

I'll start with the background story to why I’m giving this talk
4:16 - 4:21

then an overview over usable security research area,
4:21 - 4:25

some principles and methods for usablity,
4:25 - 4:29

some case studies, then some open questions remain
4:29 - 4:36

So, the story. Well. It all started with this book.
4:37 - 4:41

When I was reading about the Snowden revelations,
4:41 - 4:47

I read, how Snowden tried to contact Glenn Greenwald.
4:47 - 4:53

On December, 1st, he sent an email, saying, well, writing to Glenn:
4:53 - 5:00

“If you don’t use PGP, some people will never be able to contact you.”
5:00 - 5:05

“Please install this helpful tool and if you need any help,
5:05 - 5:08

please request so.”
5:08 - 5:12

Three days later, Glenn Greenwald says: “Sorry, I don’t
5:12 - 5:17

know how to do that, but I’ll look into it.”
5:17 - 5:22

and Snowden writes back: “Okay, well, sure. And again:
5:22 - 5:24

If you need any help, I can facilitate contact.”
5:24 - 5:29

Now, a mere seven weeks later,
5:29 - 5:30

Laughter
5:30 - 5:37

Glenn is like “okay, well, I’ll do it within the next days or so.”
5:37 - 5:38

Okay, sure …
5:38 - 5:43

Snowden’s like “my sincerest thanks”.
5:43 - 5:46

But actually in the meantime, Snowden was growing a bit impatient
5:46 - 5:51

’cause, okay, “why are you not encrypting?”
5:51 - 5:55

So he sent an email to Micah Lee, saying, “okay, well, hello,
5:55 - 6:02

I’m a friend, can you help me getting contact with Laura Poitras?”
6:02 - 6:06

In addition to that, he made a ten-minute video for Glenn Greenwald
6:06 - 6:09

Laughter
6:09 - 6:11

… describing how to use GPG.
6:11 - 6:17

And actually I have quite a lot of screenshots of that video
6:17 - 6:20

and it's quite entertaining.
6:20 - 6:24

’cause, of course, Snowden was getting increasingly
6:24 - 6:28

bothered by the whole situation.
6:28 - 6:33

Now, this is the video that Snowden made
6:33 - 6:40

“GPG for Journalists. For Windows.”
6:41 - 6:47

Laughter
6:49 - 6:51

I’ll just click through it, because I think,
6:51 - 6:54

the slides speak for themselves.
6:54 - 7:01

Take notes of all the usability issues you can identify.
7:02 - 7:06

So just click through the wizard, generate a new key,
7:06 - 7:12

enable “expert settings”, ’cause we want 3000-bit keys
7:12 - 7:16

We want a very long password, etc.
7:16 - 7:19

And now, of course, we also wanna go and find keys
7:19 - 7:22

on the keyserver.
7:22 - 7:25

And we need to make sure that we shouldn’t
7:25 - 7:29

write our draft messages in GMail
7:29 - 7:32

or Thunderbird and enigmail, for that matter.
7:32 - 7:37

Although that issue has been solved.
7:40 - 7:42

So, I think you can start seeing
7:42 - 7:45

why Glenn Greenwald
—even if he did open this video—
7:45 - 7:53

was like
“okay, well, I’m not gonna bother.”
7:53 - 7:57

And Snowden is so kind to say, after 12 minutes,
7:57 - 8:02

“if you have any remaining questions, please contact me.”
8:02 - 8:06

At this year’s HOPE conference,
8:06 - 8:12

Snowden actually did a call for arms and he said
8:12 - 8:17

“Okay, we need people to evaluate our security systems.
8:17 - 8:24

we need people to go and do red team. But in addition to that,
8:26 - 8:31

we also need to look at the user experience issue.”
8:31 - 8:37

So this is a transcript of his kind of manifesto
8:37 - 8:42

and he says: “GPG is really damn near unusable”
8:42 - 8:47

because, well, of course, you might know command line
8:47 - 8:50

and then, okay, you might be okay
8:50 - 8:53

but “Gam Gam at the home”, she is never going to be able
8:53 - 8:59

to use GnuPG.
8:59 - 9:09

And he also notes that, okay, we were part of a technical elite
9:09 - 9:16

and he calls on us to work on the technical literacy of people
9:16 - 9:18

because what he explicitly warns against is
9:18 - 9:23

a high priesthood of technology.
9:23 - 9:28

Okay, that’s a nice call to arms
9:28 - 9:33

but are we actually up for a new dawn?
9:33 - 9:40

Well, I wanna go into the background of usable security
9:40 - 9:45

and I wanna show you that we’ve actually been
9:45 - 9:48

in a pretty dark time.
9:48 - 9:56

So, back in 1999, there was this paper:
“Why Johnny can’t encrypt”
9:56 - 10:01

which described mostly the same broken interface
10:01 - 10:10

so if you remember, if you go back to the video of which
10:10 - 10:15

I showed some screenshots, then, well, if you look at
10:15 - 10:22

these screenshots from 1999, well,
is there a lot of difference?
10:22 - 10:24

Not really! Nothing much has changed.
10:24 - 10:26

There are still the same
10:26 - 10:32

conceptual barriers,
and same crappy defaults.
10:32 - 10:36

And most astonishingly, in the paper there
10:36 - 10:39

is a description of a user study where
10:39 - 10:45

users were given 90 minutes to encrypt an email
10:45 - 10:50

and most were unable to do so.
10:50 - 10:55

I think, that pretty much describes “damn near unusable.”
10:55 - 11:03

A timeline from, well, before 1999 to now
11:03 - 11:06

of the usable security research.
11:06 - 11:10

So, quite a lot has happened
11:10 - 11:15

although it is still a growing field.
11:15 - 11:21

It started—the idea of usable security,
it was explicitly defined first—
11:21 - 11:30

in 1975, but it was only until
… only in … 1989 that
11:30 - 11:33

the first usability tests were carried out.
11:33 - 11:38

And only in 1996 that
11:38 - 11:45

the concept of “user-centered security”
was described.
11:45 - 11:49

An interesting paper, also from 1999, shows how
11:49 - 11:55

contary to the general description of users as lazy
11:55 - 12:01

and basically as the weakest chain in security
12:01 - 12:06

this paper describes users as pretty rational beings
12:06 - 12:10

who see security as an overhead and …
where they don't
12:10 - 12:17

understand the usefulness of what they’re doing.
12:17 - 12:21

The study of PGP 5.0, I’ve talked about that already,
12:21 - 12:28

and there was also a study of the
Kazaa network in 2002.
12:28 - 12:30

And it was found out that a lot of users were
12:30 - 12:35

accidentally sharing files from personal pictures,
12:35 - 12:42

who knows, maybe credit-card details,
you never know, right?
12:42 - 12:48

In 2002, a lot of the knowledge of usable security design
12:48 - 12:51

was concretised in ten key principles
12:51 - 12:54

and if you’re interested,
12:54 - 13:04

I do recommend you to look at the paper.
13:04 - 13:10

A solution to the PGP problem was proposed in
13:10 - 13:12

2004, well, actually,
13:12 - 13:15

it was proposed earlier
but it was tested in 2005.
13:15 - 13:20

And it was found that actually
if we automate encryption
13:20 - 13:24

and if we automate key exchange then, well,
13:24 - 13:26

things are pretty workable, except that
13:26 - 13:30

users still fall for
phishing attacks, of course.
13:30 - 13:38

But last year, another research
identified that, well,
13:38 - 13:42

making security transparent is all nice and well
13:42 - 13:46

but it's also dangerous because users no longer
13:46 - 13:50

are less likely to trust the system and
13:50 - 13:54

are less likely to really understand
what’s really happening.
13:54 - 13:59

So a paper this year also identified another issue:
13:59 - 14:04

Users generally have very bad understanding
14:04 - 14:06

of the email architecture.
14:06 - 14:09

An email goes from point A to point B.
14:09 - 14:16

And what happens in-between is unknown.
14:16 - 14:23

So, before I go on to general usability principles
14:23 - 14:28

from the founding pillar of the usable security field
14:28 - 14:34

I wanna give some exaples of usability failures.
14:34 - 14:37

You might be familiar with project VENONA.
14:37 - 14:42

This was an effort by the US intelligence agencies
14:42 - 14:45

to try and decrypt soviet communication.
14:45 - 14:49

And they actually were pretty successful.
14:49 - 14:54

They encovered a lot of spying and, well,
14:54 - 14:56

how did they do this?
14:56 - 15:00

The soviets were using one-time pads and,
15:00 - 15:03

well, if you reuse a one-time pad,
15:03 - 15:08

then you leak a lot of information about plain-text.
15:08 - 15:10

Well, what we also see happening a lot is
15:10 - 15:13

low password entropy.
15:13 - 15:19

We have people choosing password “123456”, etc.
15:19 - 15:25

And what I just described, the study looking into
15:25 - 15:29

the mental models of users,
15:29 - 15:32

of the email architecture and how it works
15:32 - 15:35

well, at the top you have
15:35 - 15:38

still a pretty simplified description of how things work
15:38 - 15:41

and at the bottom we have an actual drawing
15:41 - 15:43

of a research participant when asked:
15:43 - 15:50

“Can you draw how an email
goes from point A to point B?”
15:50 - 15:54

And it’s like:
“Well, it goes from one place to the other.”
15:54 - 15:59

Okay …
15:59 - 16:01

clicking sounds
16:01 - 16:04

Okay, so this died.
16:13 - 16:19

So, these are two screenshots of enigmail
16:19 - 16:22

Well, if I wouldn’t have marked them
16:22 - 16:27

as the plaintext and encrypted email that would be sent
16:27 - 16:31

you probably wouldn’t have spotted which was which
16:31 - 16:35

this is a pretty big failure in
16:35 - 16:40

the visibility of the system.
16:40 - 16:45

You don’t see anything? Ah.
16:45 - 16:48

Audience: “That’s the point!”
That's the point, yes!
16:48 - 16:58

laughter
applause
16:58 - 17:02

On the left we have a screenshot of GPG and
17:02 - 17:04

as I’ve already described,
17:04 - 17:09

command line people, we like command lines
17:09 - 17:11

but normal people don’t.
17:11 - 17:14

And what we also see is a lot of the jargon that is
17:14 - 17:17

currently being used even in GUI applications
17:17 - 17:23

so on the right there is PGP 10.0.
17:23 - 17:26

Now I wanna close these examples with
17:26 - 17:29

well, you might be wondering: “what is this?”
17:29 - 17:33

This is actually an example of a security device
17:33 - 17:37

from, I think it’s around 4000 years ago.
17:37 - 17:38

Like, People could use this.
17:38 - 17:43

Why can’t we get it right today?
17:43 - 17:46

Something that you should,
17:46 - 17:49

this is a little homework exercise,
17:49 - 17:52

take a laptop to your grandma, show her PGP,
17:52 - 17:55

can she use it—yes or no?
17:55 - 18:02

Probably not, but who knows?
18:02 - 18:04

Now I wanna go into
18:04 - 18:10

the usability cornerstones of usable security.
18:10 - 18:13

I wanna start with heuristics
18:13 - 18:16

some people call them “rules of thumb,” other people
18:16 - 18:19

call them “the ten holy commandments”
18:19 - 18:23

For example, the ten commandments of Dieter Rams,
18:23 - 18:27

there is ten commandments of Jakob Nielsen,
18:27 - 18:28

of Don Norman
18:28 - 18:35

and it really depends on who you believe in, etc.
18:35 - 18:37

But at the cornerstone of all of these is that
18:37 - 18:40

design is made for people.
18:40 - 18:46

And, well, actually, Google says it quite well
18:46 - 18:49

in their guiding mission:
18:49 - 18:53

“Focus on the user and all else will follow.”
18:53 - 18:55

Or, as a usability maxim:
18:55 - 18:57

“thou shalt test with thy user”
18:57 - 19:01

Don’t just give them the thing.
19:01 - 19:03

But there is one problem with these heuristics
19:03 - 19:07

and with this advice going just with your user.
19:07 - 19:11

Because it’s a pretty abstract advice.
19:11 - 19:12

What do you do?
19:12 - 19:14

You go out into the world to get practice.
19:14 - 19:18

You start observing people.
19:18 - 19:20

One nice exercise to try is:
19:20 - 19:21

go to the vending machine,
19:21 - 19:25

for example the ones at the S-Bahn.
19:25 - 19:26

Just stand next to it
19:26 - 19:28

and observe people buying tickets.
19:28 - 19:31

It’s quite entertaining, actually.
19:31 - 19:34

Laughter
19:34 - 19:36

And something you can also do is
19:36 - 19:38

search for usability failures.
19:38 - 19:40

This is what you already do when
19:40 - 19:41

you’re observing people.
19:41 - 19:45

But even just google for “usability failure”,
19:45 - 19:48

“GUI fail”, etc., and you will find
19:48 - 19:53

lots of entertaining stuff.
19:53 - 19:55

Those were some heuristics
19:55 - 19:56

but what about the princpiles
19:56 - 20:02

that lie behind those?
20:02 - 20:06

Usability or interaction design
20:06 - 20:09

is a cycle between the user and the system.
20:09 - 20:10

The user and the world.
20:10 - 20:12

The user acts on the world
20:12 - 20:14

and gets feedback.
20:14 - 20:17

They interpret that.
20:17 - 20:18

One important concept is
20:18 - 20:20

for things to be visible.
20:20 - 20:21

For the underlying system state
20:21 - 20:22

to be visible and
20:22 - 20:24

you get appropriate feedback
20:24 - 20:26

from the system.
20:26 - 20:31

So these are Don Norman’s gulfs
of execution and evaluation
20:31 - 20:35

sort of yin and yang.
20:35 - 20:39

And there is two concrete problems
20:39 - 20:40

to illustrate.
20:40 - 20:42

For example, the button problem
20:42 - 20:46

that “how do you know what happens
when you push the button?”
20:46 - 20:51

and “how do you know how to push it?”
20:51 - 20:53

I unforunately don’t have a picture of it
20:53 - 20:58

but at Oxford station, the tabs in the bathrooms
20:58 - 21:02

they say “push” and you need to turn.
21:02 - 21:05

Laughter
21:05 - 21:09

Then there is the toilet door problem.
21:09 - 21:12

The problem of “how do you know
what state a system is in”.
21:12 - 21:16

How do you know whether an email will be encrypted?
21:16 - 21:20

This is a picture …
21:20 - 21:22

basically there is two locks.
21:22 - 21:26

One is actually broken and it’s …
when pushing the button that's on the
21:26 - 21:29

door handle, you usually lock the door.
21:29 - 21:32

But … well … it broke. So that must have been
21:32 - 21:36

an entertaining accident.
21:36 - 21:39

Another, as I’ve already described,
21:39 - 21:44

another important concept is that of mental models.
21:44 - 21:48

It’s a question of what idea does the user have
21:48 - 21:53

of the system by interacting with it?
21:53 - 21:56

How do they acquire knowledge?
21:56 - 21:59

For example, how to achieve discoverability
21:59 - 22:01

of the system?
22:01 - 22:06

And how to ensure that while
a user is discovering the system
22:06 - 22:09

that they are less likely to make mistakes?
22:09 - 22:14

So this is the concept of poka-yoke
22:14 - 22:18

and it’s … here is an example
you also see with floppy disks,
22:18 - 22:22

with USB sticks, etc.
22:22 - 22:24

It’s engineered such that users are
22:24 - 22:27

less likely to make a mistake.
22:27 - 22:31

Then there’s also the idea
of enabling knowledge transfer
22:31 - 22:33

So how can we do this?
22:33 - 22:35

One thing is metaphors.
22:35 - 22:40

And I’m not sure how many of you recognise this,
22:40 - 22:44

this is Microsoft BOB.
22:44 - 22:46

Traditionally, PC systems have been built
22:46 - 22:52

on the desktop metaphor.
22:52 - 22:58

Laughter
Microsoft BOB had a little too much.
22:58 - 23:05

To enable knowledge transfer,
you can also standardise systems.
23:05 - 23:09

And one important tool for this is design languages
23:09 - 23:12

so if you’re designing for iOS, go look at
23:12 - 23:16

the design language, the Human
Interface Guidelines of iOS.
23:16 - 23:20

The same for Windows – go look
at the Metro Design Guidelines.
23:20 - 23:26

As for Android, look at Material Design.
23:26 - 23:30

Because, another interesting exercise
to try out
23:30 - 23:33

relating to design languages
23:33 - 23:38

and also to get familiar with how designers try to
23:38 - 23:41

communicate with users is to
23:41 - 23:45

look at an interface and trying to decode
23:45 - 23:49

what the designer is trying to say to the user.
23:49 - 23:54

And another interesting exercise is to look at
23:54 - 23:59

not usability but UNusability.
23:59 - 24:01

So there is this pretty interesting book
24:01 - 24:05

called “evil by design” and it goes into
24:05 - 24:08

all the various techniques that designers use
24:08 - 24:17

to fool users, to get them to buy an extra hotel, car, etc.
24:17 - 24:22

and, well, RyanAir is pretty much the worst offender
24:22 - 24:25

so a good example to study.
24:25 - 24:31

Applause
24:31 - 24:34

So, what if you wanna go out into the world
24:34 - 24:40

and are gonna apply these princpiles, these heuristics?
24:40 - 24:42

The first thing to know is that
24:42 - 24:45

design has to be a process
24:45 - 24:51

whereby, first part is actually defining your problem.
24:51 - 24:54

You first brain-storm
24:54 - 24:58

then you try to narrow down to concrete requirements
24:58 - 25:03

after which you go and try out
the various approaches
25:03 - 25:06

and test these.
25:06 - 25:09

What materials do usability experts actually use?
25:09 - 25:16

Well, of course there’s expensive tools, Axure, etc.
25:16 - 25:19

but I think one of the most used materials
25:19 - 25:25

is still the post-it note. Just paper and pens.
25:25 - 25:29

And, okay, where do you wanna go and test?
25:29 - 25:32

Well, actually, go out into the field.
25:32 - 25:36

Go to the ticket machine of the S-Bahn.
25:36 - 25:39

But also go and test in the lab, so that you have
25:39 - 25:42

a controlled environment.
25:42 - 25:45

And then you ask “okay, how do I test?”
25:45 - 25:50

Well, first thing is: Go and get some real people.
25:50 - 25:55

Of course, it’s … it can be difficult to actually
25:55 - 26:01

get people into the lab but it’s not impossible.
26:01 - 26:02

So once you have people in the lab,
26:02 - 26:05

here are some methods.
26:05 - 26:07

There are so many usability evaluation methods
26:07 - 26:09

that I’m not gonna list them all and
26:09 - 26:13

I encourage you to go and look them up yourself
26:13 - 26:15

’cause it’s also very personal what works for you
26:15 - 26:20

and what works in your situation.
26:20 - 26:23

When using these methods you wanna
26:23 - 26:26

evaluate how well a solution works
26:26 - 26:30

So you’re gonna look at some matrix
26:30 - 26:31

so that at the end of your evaluation
26:31 - 26:35

you can say “okay, we’ve done a good job”,
26:35 - 26:40

“this can go better”,
“Okay, maybe we can move that”, …
26:40 - 26:44

So these are the standardised ones, so
26:44 - 26:48

how effective are people, or etc.
26:48 - 26:53

You can read …
26:53 - 26:56

For a quick start guide on how to
26:56 - 26:59

perform usability studies, this is quite a nice one.
26:59 - 27:00

And the most important thing to remember
27:00 - 27:05

is that preparation is half the work.
27:05 - 27:08

First thing to check that everything is working,
27:08 - 27:17

make sure that you have everyone
you need in the room, etc.
27:17 - 27:23

And maybe most importantly,
usability and usable security,
27:23 - 27:26

well, usable security is still a growing field, but
27:26 - 27:31

usability is a very large field and most likely
27:31 - 27:35

all the problems that you are going to face
27:35 - 27:37

or at least a large percentage, other people
27:37 - 27:39

have faced before.
27:39 - 27:44

So this book is, well, it describes a lot of the stories
27:44 - 27:48

of user experience professionals and the things
27:48 - 27:52

that they’ve come up against.
27:52 - 27:56

A homework exerciese if you feel like it
27:56 - 28:01

is looking at basically analysing who is your user
28:01 - 28:07

and where they’re going to use the application.
28:07 - 28:10

And also something to think about is
28:10 - 28:13

how might you involve your user?
28:13 - 28:17

Not just during the usability testing,
28:17 - 28:21

but also afterwards.
28:21 - 28:28

Now I wanna go into some case
studies of encryption systems.
28:28 - 28:30

Now there’s quite a lot, and these are not all,
28:30 - 28:35

it’s just a small selection but I wanna focus on three.
28:35 - 28:40

I wanna focus at the OpenPGP standard,
Cryptocat and TextSecure.
28:40 - 28:43

So, OpenPGP, well …
28:43 - 28:46

email is now almost 50 years old,
28:46 - 28:52

we have an encryption standard—S/MIME,
it is widely used
28:52 - 28:56

well, it’s widely usable but it’s not widely used …
28:56 - 29:04

and GnuPG is used widely but is not installed by default
29:04 - 29:10

and when usability teaches us one thing
29:10 - 29:14

it’s that defaults rule.
29:14 - 29:18

Because users don’t change defaults.
29:18 - 29:23

Now you might ask “Okay,
PGP is not installed by default,
29:23 - 29:27

so is there actually still a future for OpenPGP?”
29:27 - 29:30

Well, I’d argue: Yes.
We have browser plug-ins
29:30 - 29:33

which make it easier for users
29:33 - 29:38

JavaScript crypto … I’ll come back to that later …
29:38 - 29:43

But when we look at Mailvelope, we see, well,
29:43 - 29:48

the EFF scorecard, it has a pretty decent rating
29:48 - 29:56

at least compared to that of native PGP implementations.
29:56 - 29:59

And also Google has announced and has been working
29:59 - 30:01

for quite some time on their own plug-in for
30:01 - 30:03

end-to-end encryption.
30:03 - 30:08

And Yahoo! is also involved in that.
30:08 - 30:11

And after the Snowden revelations there has been
30:11 - 30:15

a widespread search in the interest
30:15 - 30:18

in encrypted communications
30:18 - 30:23

and this is one website where a lot of these are listed.
30:23 - 30:28

And one project that I’d especially like to emphasise
30:28 - 30:32

is mailpile because I think it looks
30:32 - 30:35

like a very interesting approach
30:35 - 30:38

whereby the question is:
30:38 - 30:41

Can we use OpenPGP as a stepping stone?
30:41 - 30:47

OpenPGP is not perfect, meta-data is not protected,
30:47 - 30:48

header is not protected, etc.
30:48 - 30:52

But maybe when we get people into the ecosystem,
30:52 - 30:56

we can try and gradually move
them to more secure options.
30:56 - 30:59

Now, what about Cryptocat?
30:59 - 31:04

So, Cryptocat’s online chat platform
31:04 - 31:07

that … yes … uses JavaScript.
31:07 - 31:11

And of course, JavaScript crypto is bad
31:11 - 31:15

but it can be made better.
31:15 - 31:20

And I think JavaScript crypto is not the worst problem.
31:20 - 31:23

Cryptocat had a pretty disastrous problem
31:23 - 31:27

whereby all messages that were sent
31:27 - 31:31

were pretty easily decryptable.
31:31 - 31:33

But actually, this is just history repeating itself
31:33 - 31:39

’cause PGP 1.0 used something called BassOmatic,
31:39 - 31:45

the BassOmatic cypher which is also pretty weak.
31:45 - 31:50

And Cryptocat is improving, which is the important thing.
31:50 - 31:51

There is now a browser plug-in and
31:51 - 31:54

of course, there’s an app for that and
31:54 - 31:57

actually, Cryptocat is doing really, really well
31:57 - 31:59

in the EFF benchmarks.
31:59 - 32:05

And Cryptocat is asking the one question that a lot
32:05 - 32:07

of other applications are not asking, which is:
32:07 - 32:09

“How can we actually make crypto fun?”
32:09 - 32:12

When you start Cryptocat, there’s noises
32:12 - 32:15

and there’s interesting facts about cats
32:15 - 32:19

Laughter
32:19 - 32:21

… depends on whether you like cats, but still!
32:21 - 32:23

Keeps you busy!
32:23 - 32:29

Now, the last case: TextSecure
also has pretty good markings
32:29 - 32:32

and actually just like CryptoCat,
32:32 - 32:36

the App store distribution model is something that
32:36 - 32:39

I think is a valuable one for usability.
32:39 - 32:42

It makes it easy to install.
32:42 - 32:46

And something that TextSecure is also looking at is
32:46 - 32:52

synchronisation options for your address book.
32:52 - 32:57

And I think the most interesting development is
32:57 - 33:00

on the one side, the CyanogenMod integration,
33:00 - 33:05

so that people will have encryption enabled by default.
33:05 - 33:10

’Cause as I mentioned: People don’t change defaults.
33:10 - 33:15

And this one is a bit more contoversial, but
33:15 - 33:18

there’s also the WhatsApp partnership.
33:18 - 33:21

And of course people will say “it’s not secure”,
33:21 - 33:23

we know, we know,
33:23 - 33:24

EFF knows!
33:24 - 33:29

But at least, it’s more secure than nothing at all.
33:29 - 33:31

Because: Doesn’t every little bit help?
33:31 - 33:33

Well, I’d say: yes.
33:33 - 33:36

And at least, it’s one stepping stone.
33:36 - 33:40

And, well, all of these are open-source,
33:40 - 33:42

so you can think for yourself:
33:42 - 33:45

How can I improve these?
33:45 - 33:50

Now, there’s still some open questions remaining
33:50 - 33:53

in the usable security field and in the
33:53 - 33:56

wider security field as well.
33:56 - 33:59

I won’t go into all of these,
33:59 - 34:03

I wanna focus on the issues that developers have,
34:03 - 34:06

issues of end user understanding
34:06 - 34:09

and of identitiy management.
34:09 - 34:14

Because the development environment
34:14 - 34:18

there’s the crypto-plumbing problem, some people call it.
34:18 - 34:21

How do we standardise on a cryptographic algorithm?
34:21 - 34:25

How do we make everyone use the same system?
34:25 - 34:29

Because, again, it’s history repeating itself.
34:29 - 34:36

With PGP, we had RSA, changed for
DSA because of patent issues
34:36 - 34:40

IDEA changed for CAST5 because of patent issues
34:40 - 34:42

and now we have something similar:
34:42 - 34:44

’cause for PGP the question is:
34:44 - 34:46

Which curve do we choose?
34:46 - 34:51

’cause this is from Bernstein, who has got a whole list
34:51 - 34:56

of, well not all the curves,
but a large selection of them
34:56 - 34:58

analysing the security
34:58 - 35:01

but how do you make, well, pretty much
35:01 - 35:06

the whole world agree on a single standard?
35:06 - 35:11

And also, can we move toward safer languages?
35:11 - 35:18

And I’ve been talking about the
usability of encryption systems
35:18 - 35:22

for users, but what about for developers?
35:22 - 35:26

So, API usability, and as I’ve mentioned:
35:26 - 35:28

Language usability.
35:28 - 35:32

And on top of that, it is not just a technical issue,
35:32 - 35:35

because, of course, we secure microchips,
35:35 - 35:42

but we also wanna secure social systems.
35:42 - 35:45

Because, in principal, we live in an open system,
35:45 - 35:51

in an open society and a system cannot audit itself.
35:51 - 35:56

So, okay, what do we do, right?
I don’t know.
35:56 - 35:58

I mean, that’s why it’s an open question!
35:58 - 36:01

’Cause how de we ensure the authenticity of,
36:01 - 36:06

I don’t know, my Intel processor in my lapotp?
36:06 - 36:07

How do I know that the
36:07 - 36:09

random number generator isn’t bogus?
36:09 - 36:14

Well, I know it is, but …
laughter
36:14 - 36:17

Then, there’s the issue of identity management
36:17 - 36:19

related to key management, like
36:19 - 36:25

who has the keys to the kingdom?
36:25 - 36:27

One approach, as I’ve already mentioned, is
36:27 - 36:29

key continuity management.
36:29 - 36:32

Whereby we automate both key exchange and
36:32 - 36:36

whereby we automate encryption.
36:36 - 36:38

So one principle is trust on first use,
36:38 - 36:44

whereby, well, one approach will be to attach your key
36:44 - 36:46

to any email you send out and anyone who receives
36:46 - 36:50

this email just assumes it’s the proper key.
36:50 - 36:53

Of course, it’s not fully secure,
36:53 - 36:56

but at least, it’s something.
36:56 - 36:59

And this is really, I think, the major question
36:59 - 37:01

in interoperability:
37:01 - 37:05

How do you ensure that you can access your email
37:05 - 37:09

from multiple devices?
37:09 - 37:11

Now, of course, there is meta-data leakage,
37:11 - 37:14

PGP doesn’t protect meta-data,
37:14 - 37:17

and, you know, your friendly security agency knows
37:17 - 37:18

where you went last summer …
37:18 - 37:19

So, what do we do?
37:19 - 37:24

We do anonymous routing, we send over tor, but
37:24 - 37:26

I mean, how do we roll that out?
37:26 - 37:28

I think the approach that
37:28 - 37:30

mailpile is trying to do is interesting
37:30 - 37:33

and, of course still an open question, but
37:33 - 37:37

interesting research nonetheless.
37:37 - 37:39

Then there’s the introduction problem of
37:39 - 37:44

okay, how, I meet someone here, after the talk,
37:44 - 37:46

they tell me who they are,
37:46 - 37:50

but either I get their card—which is nice—or
37:50 - 37:52

they say what their name is.
37:52 - 37:56

But they’re not gonna tell me, they’re not gonna spell out
37:56 - 37:58

their fingerprint.
37:58 - 38:02

So the idea of Zooko’s triangle is that identifiers
38:02 - 38:08

are either human-meaningful,
secure or decentralised.
38:08 - 38:09

Pick two.
38:09 - 38:13

So here’s some examples of identifiers,
38:13 - 38:16

so for Bitcoin: Lots of random garbage.
38:16 - 38:19

For OpenPGP: Lots of random garbage
38:19 - 38:22

For miniLock: Lots of random garbage
38:22 - 38:26

So, I think an interesting research problem is:
38:26 - 38:30

Can we actually make these things memorable?
38:30 - 38:32

You know, I can memorise email addresses,
38:32 - 38:34

I can memorise phone numbers,
38:34 - 38:40

I can not memorise these. I can try, but …
38:40 - 38:45

Then, the last open question I wanna focus on
38:45 - 38:49

is that of end-user understanding.
38:49 - 38:54

So of course, we’ll know that all devices are monitored.
38:54 - 39:00

But does the average user?
39:00 - 39:05

Do they know what worms can do?
39:05 - 39:09

Have they read these books?
39:09 - 39:15

Do they know where GCHQ is?
39:15 - 39:21

Do they know that Cupertino has
pretty much the same powers?
39:21 - 39:24

Laughter
39:24 - 39:29

Do they know they’re living in a panopticon to come?
39:29 - 39:32

Laughter
39:32 - 39:38

Do they know that people are
killed based on meta-data?
39:38 - 39:41

Well, I think not.
39:41 - 39:46

And actually this is a poster from the university
39:46 - 39:47

where I did my Master’s
39:47 - 39:51

and interestingly enough, it was founded by a guy
39:51 - 39:56

who made a fortune selling sugar pills.
39:56 - 40:03

You know, snake oil, we also have this in crypto.
40:03 - 40:06

And how is the user to know
40:06 - 40:08

whether something is secure or not?
40:08 - 40:11

Of course, we have the secure messaging scorecard
40:11 - 40:15

but can users find these?
40:15 - 40:21

Well, I think, there’s three aspects
to end-user understanding
40:21 - 40:24

which is knowledge acquisition,
knowledge transfer,
40:24 - 40:27

and the verification updating of this knowledge.
40:27 - 40:31

So, as I’ve already mentioned,
we can do dummy-proofing
40:31 - 40:38

and we can create transparent systems.
40:38 - 40:41

For knowledge transfer, we can
40:41 - 40:44

look at appropriate metaphors and design languages.
40:44 - 40:47

And for verification we can
40:47 - 40:51

try an approach: Choose an advertising.
40:51 - 40:56

And, last but not least, we can do user-testing.
40:56 - 41:03

Because all these open questions that I’ve described
41:03 - 41:06

and all this research that has been done,
41:06 - 41:11

I think it’s missing one key issue, which is that
41:11 - 41:14

the usability people and the security people
41:14 - 41:17

tend not to really talk to one another.
41:17 - 41:21

The open-source developers and the users:
41:21 - 41:23

Are they talking enough?
41:23 - 41:27

I think that’s something, if we want a new dawn,
41:27 - 41:31

that’s something that I think we should approach.
41:31 - 41:35

Yeah, so, from my side, that’s it.
41:35 - 41:37

I’m open for any questions.
41:37 - 41:49

Applause
41:49 - 41:52

Herald: Arne, thank you very much for your brilliant talk
41:52 - 41:55

Now, if you have any questions to ask, would you please
41:55 - 41:58

line up at the microphones in the aisles?!
41:58 - 42:00

The others who’d like to leave now,
42:00 - 42:04

I’d ask you kindly to please leave very quietly
42:04 - 42:09

so we can hear what the people
asking questions will tell us.
42:09 - 42:14

And those at the microphones,
if you could talk slowly,
42:14 - 42:19

then those translating have no problems in translating
42:19 - 42:21

what is being asked. Thank you very much.
42:21 - 42:27

And I think we’ll start with mic #4 on the left-hand side.
42:27 - 42:32

Mic#4: Yes, so, if you’ve been to any successful
42:32 - 42:36

crypto party, you know that crypto parties very quickly
42:36 - 42:41

turn into not about discussing software,
how to use software,
42:41 - 42:44

but into threat model discussions.
42:44 - 42:47

And to actually get users
to think about what they’re
42:47 - 42:49

trying to protect themselves for and if a certain
42:49 - 42:53

messaging app is secure, that still means nothing.
42:53 - 42:56

’Cause there is lots of other stuff that’s going on.
42:56 - 42:57

Can you talk a little bit about that and
42:57 - 43:00

how that runs into this model about, you know,
43:00 - 43:02

how we need to educate users and, while we’re at it,
43:02 - 43:04

what we want to educated about.
43:04 - 43:06

And what they actually need to be using.
43:06 - 43:10

Arne: Well, I think that’s an interesting point
43:10 - 43:14

and I think, one issue, one big issue is:
43:14 - 43:17

okay, we can throw lots of crypto parties
43:17 - 43:21

but we’re never gonna be able to throw enough parties.
43:21 - 43:23

I … with one party you’re very lucky
43:23 - 43:25

you’re gonna educate 100 people.
43:25 - 43:29

I mean, just imagine how many parties
you’d need to throw. Right?
43:29 - 43:33

I mean, it’s gonna be a heck of party, but … yeah.
43:33 - 43:39

And I think, secondly, the question of threat modeling,
43:39 - 43:43

I think, sure, that’s helpful to do, but
43:43 - 43:48

I think, users do first need an understanding of,
43:48 - 43:49

for example, the email architecture.
43:49 - 43:52

Cause, how can they do threat
modeling when they think
43:52 - 43:55

that an email magically pops
from one computer to the next?
43:55 - 43:59

I think, that is pretty much impossible.
43:59 - 44:01

I hope that …
44:01 - 44:05

Herald: Thank you very much, so …
Microphone #3, please.
44:05 - 44:07

Mic#3: Arne, thank you very much for your talk.
44:07 - 44:10

There’s one aspect that I didn’t see in your slides.
44:10 - 44:13

And that is the aspect of the language that we use
44:13 - 44:17

to describe concepts in PGP—and GPG, for that matter.
44:17 - 44:20

And I know that there was a paper last year
44:20 - 44:22

about why King George can’t encrypt and
44:22 - 44:24

they were trying to propose a new language.
44:24 - 44:26

Do you think that such initiatives are worthwile
44:26 - 44:29

or are we stuck with this language and should we make
44:29 - 44:32

as good use of it as we can?
44:32 - 44:38

Arne: I think that’s a good point
and actually the question
44:38 - 44:45

of “okay, what metaphors do you wanna use?” … I think
44:45 - 44:47

we’re pretty much stuck with the language
44:47 - 44:50

that we’re using for the moment but
44:50 - 44:54

I think it does make sense
to go and look into the future
44:54 - 44:58

at alternatives models.
44:58 - 45:01

Yeah, so I actually wrote a paper that also
45:01 - 45:05

goes into that a bit, looking at
45:05 - 45:09

the metaphor of handshakes to exchange keys.
45:09 - 45:10

So, for example, you could have
45:10 - 45:16

an embedded device as a ring or wristband,
45:16 - 45:19

it could even be a smartwatch, for that matter.
45:19 - 45:22

Could you use that shaking of hands to
45:22 - 45:24

build trust-relationships?
45:24 - 45:30

And that might be a better
metaphor than key-signing,
45:30 - 45:31

webs of trust, etc.
45:31 - 45:35

’Cause I think, that is horribly broken
45:35 - 45:40

for I mean the concept, trying
to explain that to users.
45:40 - 45:43

Herald: Thank you. And … at the back in the middle.
45:43 - 45:45

Signal angel: Thanks. A question from the internet:
45:45 - 45:47

[username?] from the Internet wants to know if you’re
45:47 - 45:52

aware of the PEP project, the “pretty easy privacy”
45:52 - 45:53

and your opinions on that.
45:53 - 45:55

And another question is:
45:55 - 46:02

How important is the trust level of the crypto to you?
46:02 - 46:04

Arne: Well, yes, actually, there’s this screenshot
46:04 - 46:10

of the PEP project in the slides
46:10 - 46:15

… in the why WhatsApp is horribly insecure and
46:15 - 46:19

of course, I agree, and yeah.
46:19 - 46:22

I’ve looked into the PEP project for a bit
46:22 - 46:25

and I think, yeah, I think it’s an interesting
46:25 - 46:28

approach but I still have to read up on it a bit more.
46:28 - 46:31

Then, for the second question,
46:31 - 46:38

“how important is the rust in the crypto?”:
46:38 - 46:42

I think that’s an important one.
46:42 - 46:43

Especially the question of
46:43 - 46:53

“how do we build social systems
to ensure reliable cryptography?”
46:53 - 46:57

So one example is the Advanced
Encryption Standard competition.
46:57 - 47:00

Everyone was free to send in entries,
47:00 - 47:02

their design princpiles were open
47:02 - 47:06

and this is in complete contrast
to the Data Encryption Standard
47:06 - 47:12

which, I think, the design princpiles are still Top Secret.
47:12 - 47:16

So yeah, I think, the crypto is
something we need to build on
47:16 - 47:22

but, well, actually, the crypto is
again built on other systems
47:22 - 47:28

where the trust in these systems
is even more important.
47:28 - 47:31

Herald: Okay, thank you, microphone #2, please.
47:31 - 47:34

Mic#2: Yes, Arne, thank you very
much for your excellent talk.
47:34 - 47:38

I wonder how about what to do with feedback
47:38 - 47:41

on usability in open-source software.
47:41 - 47:42

So, you publish something on GitHub
47:42 - 47:44

and you’re with a group of people
47:44 - 47:45

who don’t know each other and
47:45 - 47:48

one publishes something,
the other publishes something,
47:48 - 47:51

and then: How do we know
this software is usable?
47:51 - 47:54

In commercial software, there’s all kind of hooks
47:54 - 47:56

on the website, on the app,
47:56 - 47:59

to send feedback to the commercial vendor.
47:59 - 48:02

But in open-source software,
how do you gather this information?
48:02 - 48:05

How do you use it, is there any way to do this
48:05 - 48:06

in an anonymised way?
48:06 - 48:09

I haven’t seen anything related to this.
48:09 - 48:11

Is this one of the reasons why
open-source software is maybe
48:11 - 48:15

less usable than commercial software?
48:15 - 48:20

Arne: It might be. It might be.
48:20 - 48:23

But regarding your question, like, how do you know
48:23 - 48:30

whether a commercial software is usable, well,
48:30 - 48:32

you … one way is looking at:
48:32 - 48:35

Okay, what kind of statistics do you get back?
48:35 - 48:38

But if you push out something totally unusable
48:38 - 48:40

and then, I mean, you’re going to expect
48:40 - 48:45

that the statistics come back looking like shit.
48:45 - 48:50

So, the best approach is to
design usability in from the start.
48:50 - 48:51

The same with security.
48:51 - 48:55

And I think, that is also …
so even if you have …
48:55 - 48:59

you want privacy for end users, I think it’s still possible
48:59 - 49:02

to get people into their lab and look at:
49:02 - 49:03

Okay, how are they using the system?
49:03 - 49:06

What things can we improve?
49:06 - 49:08

And what things are working well?
49:08 - 49:11

Mic#2: So you’re saying, you should only publish
49:11 - 49:19

open-source software for users
if you also tested in a lab?
49:19 - 49:23

Arne: Well, I think, this is a bit of a discussion of:
49:23 - 49:26

Do we just allow people to build
houses however they want to
49:26 - 49:28

or do we have building codes?
49:28 - 49:32

And … I think … well, actually, this proposal of holding
49:32 - 49:36

software developers responsible for what they produce,
49:36 - 49:40

if it’s commercial software, I mean,
that proposal has been
49:40 - 49:42

made a long time ago.
49:42 - 49:43

And the question is:
49:43 - 49:48

How would that work in an
open-source software community?
49:48 - 49:50

Well, actually, I don’t have an answer to that.
49:50 - 49:53

But I think, it’s an interesting question.
49:53 - 49:54

Mic#2: Thank you.
49:54 - 49:58

Herald: Thank you very much. #1, please.
49:58 - 50:01

Mic#1: You said that every little bit helps,
50:01 - 50:04

so if we have systems that
don’t provide a lot of … well …
50:04 - 50:07

are almost insecure, they
provide just a bit of security, than
50:07 - 50:10

that is still better than no security.
50:10 - 50:13

My question is: Isn’t that actually worse because
50:13 - 50:15

this promotes a false sense of security and
50:15 - 50:20

that makes people just use
the insecure broken systems
50:20 - 50:24

just to say “we have some security with us”?
50:24 - 50:26

Arne: I completely agree but
50:26 - 50:29

I think that currently people … I mean …
50:29 - 50:31

when you think an email goes
50:31 - 50:34

from one system to the other directly
50:34 - 50:41

and I mean … from these studies
that I’ve done, I’ve met
50:41 - 50:46

quite some people who still think email is secure.
50:46 - 50:50

So, of course, you might give
them a false sense of security
50:50 - 50:53

when you give them a
more secure program but
50:53 - 50:54

at least it’s more secure than email—right?
50:54 - 50:56

I mean …
50:56 - 50:57

Mic#1: Thank you.
50:57 - 51:00

Herald: Thank you. There’s another
question on the Internet.
51:00 - 51:03

Signal angel: Yes, thank you. Question from the Internet:
51:03 - 51:06

What crypto would you finally
recommend your grandma to use?
51:06 - 51:10

Arne: laughs
51:10 - 51:16

Well … Unfortunately, my grandma
has already passed away.
51:16 - 51:20

I mean … her secrets will be safe …
51:27 - 51:32

Actually, I think something like where
51:32 - 51:37

Crypto is enabled by default, say …
iMessage, I mean
51:37 - 51:42

of course, there’s backdoors,
etc., but at least
51:42 - 51:45

it is more secure than plain SMS.
51:45 - 51:53

So I would advise my grandma
to use … well, to look at …
51:53 - 51:56

actually I’d first analyse
what does she have available
51:56 - 51:59

and then I would look at okay
which is the most secure
51:59 - 52:04

and still usable?
52:04 - 52:07

Herald: Thank you very much, so mic #3, please.
52:07 - 52:11

Mic#3: So, just wondering:
52:11 - 52:15

You told that there is
a problem with the missing
52:15 - 52:20

default installation of GPG
on operating systems but
52:20 - 52:25

I think, this is more of a
problem of which OS you choose
52:25 - 52:28

because at least I don’t
know any Linux system which
52:28 - 52:34

doesn’t have GPG installed today by default.
52:34 - 52:40

If you use … at least I’ve used
the normal workstation setup.
52:40 - 52:43

Arne: Yes, I think you already
answered your own question:
52:43 - 52:47

Linux.
Laughter
52:47 - 52:51

Unfortunately, Linux is not yet widely default.
52:51 - 52:53

I mean, I’d love it to be, but … yeah.
52:53 - 52:58

Mic#3: But if I send an email to Microsoft and say:
52:58 - 53:03

Well, install GPG by default, they’re not gonna
53:03 - 53:04

listen to me.
53:04 - 53:08

And I think, for all of us, we should do
53:08 - 53:09

a lot more of that.
53:09 - 53:14

Even if Microsoft is the devil for most of us.
53:14 - 53:16

Thank you.
53:16 - 53:20

Arne: Well … We should be doing more of what?
53:20 - 53:26

Mic#3: Making more demands
to integrate GPG by default
53:26 - 53:29

in Microsoft products, for example.
53:29 - 53:31

Arne: Yes, I completely agree.
53:31 - 53:34

Well, what you already see happening …
53:34 - 53:36

or I mean, it’s not very high-profile yet,
53:36 - 53:39

but for example I mean … I’ve refered to
53:39 - 53:43

the EFF scorecard a couple of times but
53:43 - 53:50

that is some pressure to encourage developers
53:50 - 53:53

to include security by default.
53:53 - 53:57

But, I think I’ve also mentioned, one of the big problems
53:57 - 54:01

is: users at the moment … I mean …
54:01 - 54:04

developers might say: my system is secure.
54:04 - 54:07

I mean … what does that mean?
54:07 - 54:10

Do we hold developers and
commercial entities …
54:10 - 54:12

do we hold them to, well,
54:12 - 54:14

truthful advertisting standards or not?
54:14 - 54:17

I mean, I would say: Let’s gonna look at
54:17 - 54:21

what are companies claiming and
54:21 - 54:23

do they actually stand up to that?
54:23 - 54:26

And if not: Can we actually sue them?
54:26 - 54:28

Can we make them tell the truth about
54:28 - 54:31

what is happening and what is not?
54:31 - 54:33

Herald: So, we’ve got about 2 more minutes left …
54:33 - 54:37

So it’s a maximum of two more questions, #2, please.
54:37 - 54:43

Mic#2: Yeah, so … Every security system fails.
54:43 - 54:50

So I’m interested in what sort of work has been done on
54:50 - 54:57

how do users recover from failure?
54:57 - 55:01

Everything will get subverted,
55:01 - 55:04

your best firend will sneak
your key off your computer,
55:04 - 55:06

something will go wrong with that, you know …
55:06 - 55:10

your kids will grab it …
55:10 - 55:13

and just, is there, in general, has somebody looked at
55:13 - 55:17

these sorts of issues?
55:17 - 55:19

Is there research on it?
55:19 - 55:22

Arne: Of various aspects of the problem but
55:22 - 55:26

as far as I’m aware not for the general issue
55:26 - 55:30

and not any field studies specifically looking at
55:30 - 55:34

“Okay, what happens when a key is compromised, etc.”
55:34 - 55:38

I mean, we do have certain cases of things happening
55:38 - 55:42

but nothing structured.
55:42 - 55:45

No structured studies, as far as I’m aware.
55:45 - 55:47

Herald: Thank you. #3?
55:47 - 55:52

Mic#3: Yeah, you mentioned
mailpile as a stepping stone
55:52 - 55:56

for people to start using GnuPG and stuff, but
55:56 - 56:05

you also talked about an
average user seeing mail as just
56:05 - 56:09

coming from one place and
then ending up in another place.
56:09 - 56:12

Shouldn’t we actually talk about
56:12 - 56:18

how to make encryption transparent for the users?
56:18 - 56:21

Why should they actually care about these things?
56:21 - 56:25

Shouldn’t it be embedded in the protocols?
56:25 - 56:29

Shouldn’t we actually talk about
embedding them in the protocols,
56:29 - 56:32

stop using unsecure protocols
56:32 - 56:36

and having all of these,
you talked a little bit about it,
56:36 - 56:39

as putting it in the defaults.
56:39 - 56:43

But shouldn’t we emphasise that a lot more?
56:43 - 56:47

Arne: Yeah, I think we should
certainly be working towards
56:47 - 56:50

“How do we get security by default?”
56:50 - 56:54

But I think … I’ve mentioned it shortly that
56:54 - 56:58

making things transparent also has a danger.
56:58 - 57:01

I mean, this whole, it’s a bit like …
57:01 - 57:03

a system should be transparent is a bit like
57:03 - 57:06

marketing speak, because actually
57:06 - 57:09

we don’t want systems to be completely transparent,
57:09 - 57:13

’cause we also wanna be able
to engage with the systems.
57:13 - 57:16

Are the systems working as they should be?
57:16 - 57:20

So, I mean, this is a difficult balance to find, but yeah …
57:20 - 57:25

Something that you achieve through usability studies,
57:25 - 57:29

security analysis, etc.
57:29 - 57:31

Herald: All right, Arne,
thank you very much for giving
57:31 - 57:34

us your very inspiring talk,
57:34 - 57:36

thank you for sharing your information with us.
57:36 - 57:38

Please give him a round of applause.
57:38 - 57:41

Thank you very much.
applause
57:41 - 57:52

subtitles created by c3subtitles.de
Join, and help us!

Title:: Arne Padmos: Why is GPG "damn near unusable"?
Description:: http://media.ccc.de/browse/congress/2014/31c3_-_6021_-_en_-_saal_g_-_201412281130_-_why_is_gpg_damn_near_unusable_-_arne_padmos.html

GPG has been correctly described as "damn near unusable". Why is this so? What does research into usable security tell us? This talk covers the history, methods, and findings of the research field, as well as proposed solutions and open questions.

Arne Padmos

more » « less
Video Language:: English
Duration:: 57:52

	C3Subtitles edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?
	Bar Sch edited English subtitles for Arne Padmos: Why is GPG "damn near unusable"?

Show all

English subtitles

Revisions

Revision 18 Edited

C3Subtitles

Arne Padmos: Why is GPG "damn near unusable"?

Revisions

Our website uses cookies

Operating cookies (Required)